1. Field of the Invention
The present invention relates to data terminal equipments and, more specifically, to a data terminal equipment included in an information providing system and placed on an information user side for retrieving content data from a server through a communications network.
2. Description of the Background Art
With widespread use of the Internet, a large number of enterprises have set up their own Web pages for introducing their products. To browse these Web pages, information users typically use browsing software (so-called browser) installed on a data terminal equipment. There has been one problem, however, called “spoofing”, meaning that an attacker creates an unauthorized Web page disguising itself as an authorized Web page for committing fraud. To prevent such “spoofing”, authentication systems for confirming the authenticity of the Web pages have been suggested. One conventional authentication system is described below with reference to FIG. 15.
In FIG. 15, an owner of a Web page Dwp applies for authorization to an authorization agency for getting himself/herself or his/her Web page Dwp authorized. The authorization agency generates authorization information Itfc from information about the owner or the Web page Dwp received at the time of application. Then, the authorization agency embeds the generated authorization information Itfc as an electronic watermark in a predetermined image Sprd to generate an authentication image Stfc. The authorization agency registers the generated authorization information Itfc in an authentication database (hereinafter, authentication DB) 1001 provided therein. This authentication DB 1001 is accessible by an authentication data terminal equipment 100 managed by the authorization agency. Also, the authorization agency gives the authentication image Stfc to the owner of the Web page Dwp. The owner pastes the received authentication image Stfc onto the Web page Dwp, and stores the same in his/her WWW server 200.
A data terminal equipment 300 on an information user side (hereinafter, user data terminal equipment 300) stores browser software having an authentication function incorporated therein. The user data terminal equipment 300 executes the browser software, and transmits a retrieval request Rrtv for the Web page Dwp to the WWW server 200 through the Internet 400 (refer to a dotted arrow ac). Then, to the user data terminal equipment 300, the Web page Dwp with the authentication image Stfc pasted thereon is transmitted from the WWW server 200 through the Internet 400 (refer to a dotted arrow βc). In response, the user data terminal equipment 300 separates, according to the authentication function incorporated in the browser software, the authentication image Stfc from the received Web page Dwp, and then produces a check request Rchk. The check request Rchk is information for requesting the authentication data terminal equipment 100 to check whether the authorization information Itfc embedded in the authentication image Stfc has been registered in the authentication DB 1001 or not. The user data terminal equipment 300 transmits the produced check request Rchk and the separated authentication image Stfc to the authentication data terminal equipment 100 through the Internet 400 (refer to a dotted arrow γ c).
In response to receiving the check request Rchk, the authentication data terminal equipment 100 extracts, from the authentication image Stfc simultaneously received, the authorization information Itfc embedded as the electronic watermark. Then, the authentication data terminal equipment 100 checks the extracted authorization information Itfc against the authorization information Itfc registered in the authentication DB 1001. According to the check result, the authentication data terminal equipment 100 generates first check information Ichk1 or second check information Ichk2. The first check information Ichk1 indicates that the authorization information Itfc extracted from the authentication image Stfc has been registered in the authentication DB 1001. On the other hand, the second check information Ichk2 indicates that the authorization information Itfc extracted from the authentication image Stfc has not been registered in the authentication DB 1001. This first or second check information Ichk1 or Ichk2 is transmitted through the Internet 400 to the user data terminal equipment 300 (refer to a dotted arrow δ c).
If receiving the first check information Ichk1, the user data terminal equipment 300 causes a screen to display a message indicating that the retrieved Web page Dwp has been authorized. Thus, the information user can know that the Web page Dwp has been authenticated. On the other hand, if receiving the second check information Ichk2, the user data terminal equipment 300 causes the screen to display a message indicating that the retrieved Web page Dwp has not been authorized. Thus, the information user can know that the Web page Dwp may possibly be unauthentic.
However, in the conventional authentication system described above, the information user cannot confirm the authenticity of the retrieved Web page Dwp until he/she receives the Web page Dwp. Therefore, if the retrieved Web page Dwp is unauthentic, the user's access thereto is a waste of time and cost. Moreover, if accessing to a WWW server that stores unauthentic Web pages, the information user may become a victim of cracking; the user's personal information may be stolen, for example. These problems arise not only for the Web page Dwp, but for any data that the information user desires to retrieve, such as text data, audio data, video data, moving-picture data, and software.
Furthermore, in the conventional authentication system, the user data terminal equipment 300 has to access the authentication data terminal equipment 100 at least once. Therefore, traffics over the Internet 400 are increased, and the processing load on the authentication data terminal equipment 100 is also increased.